首页 发现
注册 登录
Endevir
/
git-server
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

Fix "forcing" client certificate for SMTP

Dmitry Azhichakov 10 年之前
父节点
8a6c86644e
当前提交
3aaf292ba8
共有 3 个文件被更改,包括 21 次插入13 次删除
分列视图 显示文件统计
  1. 4 0
      conf/app.ini
  2. 8 6
      modules/mailer/mailer.go
  3. 9 7
      modules/setting/setting.go

+ 4 - 0
conf/app.ini
查看文件 

@@ -105,6 +105,10 @@ SUBJECT = %(APP_NAME)s
 
 HOST =
 
 ; Do not verify the certificate of the server. Only use this for self-signed certificates
 
 SKIP_VERIFY = 
+; Use client certificate
 
+; USE_CERTIFICATE = true
 
+; CERT_FILE = custom/mailer/cert.pem
 
+; KEY_FILE = custom/mailer/key.pem
 
 ; Mail from address, RFC 5322. This can be just an email address, or the "Name" <email@example.com> format 
 FROM =
 
 ; Mailer user name and password

+ 8 - 6
modules/mailer/mailer.go
查看文件 

@@ -72,15 +72,17 @@ func sendMail(settings *setting.Mailer, recipients []string, msgContent []byte)
 
 		return err
 
 	}
 
 
-	cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile)
 
-	if err != nil {
 
-		return err
 
-	}
 
-
 
 	tlsconfig := &tls.Config{
 
 		InsecureSkipVerify: settings.SkipVerify,
 
 		ServerName:         host,
 
-		Certificates:       []tls.Certificate{cert},
 
+	}
 
+
 
+	if settings.UseCertificate {
 
+		cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile)
 
+		if err != nil {
 
+			return err
 
+		}
 
+		tlsconfig.Certificates = []tls.Certificate{cert}
 
 	}
 
 
 	conn, err := net.Dial("tcp", net.JoinHostPort(host, port))

+ 9 - 7
modules/setting/setting.go
查看文件 

@@ -451,6 +451,7 @@ type Mailer struct {
 
 	From              string
 
 	User, Passwd      string
 
 	SkipVerify        bool
 
+	UseCertificate    bool
 
 	CertFile, KeyFile string
 
 }
 
 
@@ -479,13 +480,14 @@ func newMailService() {
 
 	}
 
 
 	MailService = &Mailer{
 
-		Name:       sec.Key("NAME").MustString(AppName),
 
-		Host:       sec.Key("HOST").String(),
 
-		User:       sec.Key("USER").String(),
 
-		Passwd:     sec.Key("PASSWD").String(),
 
-		SkipVerify: sec.Key("SKIP_VERIFY").MustBool(),
 
-		CertFile:   sec.Key("CERT_FILE").String(),
 
-		KeyFile:    sec.Key("KEY_FILE").String(),
 
+		Name:           sec.Key("NAME").MustString(AppName),
 
+		Host:           sec.Key("HOST").String(),
 
+		User:           sec.Key("USER").String(),
 
+		Passwd:         sec.Key("PASSWD").String(),
 
+		SkipVerify:     sec.Key("SKIP_VERIFY").MustBool(),
 
+		UseCertificate: sec.Key("USE_CERTIFICATE").MustBool(),
 
+		CertFile:       sec.Key("CERT_FILE").String(),
 
+		KeyFile:        sec.Key("KEY_FILE").String(),
 
 	}
 
 	MailService.From = sec.Key("FROM").MustString(MailService.User)
 
 	log.Info("Mail Service Enabled")